<?php 
    session_start();
    $username = $_POST["username"];
    $password = $_POST["password"];
    $errorMsg = "";
    $displayLoginPage = true;
    setcookie("username", "$username", time()+20);
?>

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title></title>
    </head>
    <body>
        <?php
        // login code is here

        
        if (strlen($username) == 0 || strlen($password) == 0) {
            $errorMsg = "Invalid employee login";
        }
        
        if (strlen($username) == 0 && strlen($password) == 0) {
            $errorMsg = "";
        }
        
        //go to DB to validate employee when username and password both exist
        if (strlen($username) > 0 && strlen($password) > 0) {
            $sql = "select * from users where username='$username' and password='$password'";
            
            $link = mysql_connect("localhost", "zhouzhao", "19831022");
            if (!$link) {
                die("error: could NOT connect to DB ".mysql_error());
            }
            
            mysql_selectdb("cloudcom", $link);
            $result = mysql_query($sql);
            
            if(!($row = mysql_fetch_assoc($result))){
                //invalid login
                $errorMsg = "Invalid login<br/>";
            }else{
                //valid login
                $errorMsg = "Valid ".$row["userType"]." login<br/>";
                $displayLoginPage = false;
            }
            
            mysql_close($link);
        }
        

        
        ?>
        
        <p style="color:red">
            
            <?php
//                echo $errorMsg;               
                if($displayLoginPage){
                    require 'login.html';
                }
            ?>
        </p>
        
        <?php
            $_SESSION["userID"] = $row["userID"];
            $_SESSION["userType"] = $row["userType"];
            //require 'employee.html';
            if(!strcmp($row["userType"], "administrator")){
                require 'admin.php';
            }else if(!strcmp($row["userType"], "seller")){
                require 'seller.php';
            }else if(!strcmp($row["userType"], "manager")){
                require 'manager.php';
            }
        ?>
    </body>
</html>
